Monthly Archives: April 2020

Oleid – Analyze OLE Files for Malicious Flash and Macros

oleid is a script to analyze OLE files such as MS Office documents (e.g. Word, Excel), to detect specific characteristics usually found in malicious files

Vault – Framework to Manage Secrets

Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords

AutoRecon – Multi-threaded Network Recon Tool

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool

MacroRaptor – Tool to Scan for Malicious VBA Macros

MacroRaptor is a tool designed to detect most malicious VBA Macros using generic heuristics. Unlike antivirus engines, it does not rely on signatures.

WebGoat – A Deliberately Insecure Web Application

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration

OSS-Fuzz – Continuous Fuzzing of Open Source Projects

OSS-Fuzz is an open source project developed by Google in cooperation with the Core Infrastructure Initiative. This framework

Param Miner – Burp Extension for Web Cache Poisoning

Param Miner is a burp extension that identifies hidden, unlinked parameters. It’s particularly useful for finding web cache poisoning vulnerabilities.